dependabot[bot]
|
e7fd4c6bc4
|
Bump guzzlehttp/guzzle from 6.5.5 to 6.5.6 (#412)
Bumps [guzzlehttp/guzzle](https://github.com/guzzle/guzzle) from 6.5.5 to 6.5.6.
- [Release notes](https://github.com/guzzle/guzzle/releases)
- [Changelog](https://github.com/guzzle/guzzle/blob/6.5.6/CHANGELOG.md)
- [Commits](https://github.com/guzzle/guzzle/compare/6.5.5...6.5.6)
---
updated-dependencies:
- dependency-name: guzzlehttp/guzzle
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-05-28 23:50:56 +02:00 |
|
dependabot[bot]
|
b894cdd6ce
|
Bump smarty/smarty from 3.1.43 to 3.1.45 (#413)
Bumps smarty/smarty from 3.1.43 to 3.1.45.
---
updated-dependencies:
- dependency-name: smarty/smarty
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-05-28 23:50:20 +02:00 |
|
dependabot[bot]
|
6731fcdf96
|
Bump guzzlehttp/psr7 from 1.6.1 to 1.8.5 (#406)
Bumps [guzzlehttp/psr7](https://github.com/guzzle/psr7) from 1.6.1 to 1.8.5.
- [Release notes](https://github.com/guzzle/psr7/releases)
- [Changelog](https://github.com/guzzle/psr7/blob/1.8.5/CHANGELOG.md)
- [Commits](https://github.com/guzzle/psr7/compare/1.6.1...1.8.5)
---
updated-dependencies:
- dependency-name: guzzlehttp/psr7
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-03-30 09:11:45 +02:00 |
|
Pierre Rudloff
|
3d09289104
|
Merge branch 'hotfix/3.0.3'
|
2022-03-08 09:33:44 +01:00 |
|
Pierre Rudloff
|
8913f27716
|
Disable the generic extractor entirely
It can be used for SSRF attacks even when redirects are disabled
|
2022-03-08 09:29:57 +01:00 |
|
Pierre Rudloff
|
148a171b24
|
Merge branch 'hotfix/3.0.2'
|
2022-02-27 12:32:36 +01:00 |
|
Pierre Rudloff
|
1b099bb983
|
Patch youtube-dl to disable redirects
In order to prevent SSRF attacks using redirects
|
2022-02-27 12:30:15 +01:00 |
|
Pierre Rudloff
|
3a4f09dda0
|
Prevent SSRF requests
By validating the provided URL before passing it to youtube-dl
|
2022-02-27 11:00:33 +01:00 |
|
Pierre Rudloff
|
2afbfb4bf2
|
fixup! Don't redirect to REQUEST_URI when browsing to index.php Instead, we can make sure everything works correctly on index.php
|
2022-02-20 14:06:59 +01:00 |
|
Pierre Rudloff
|
3ab22c654a
|
Merge branch 'hotfix/3.0.1'
|
2022-02-20 13:31:40 +01:00 |
|
Pierre Rudloff
|
bc14b6e45c
|
Don't redirect to REQUEST_URI when browsing to index.php
Instead, we can make sure everything works correctly on index.php
|
2022-02-20 13:28:57 +01:00 |
|
Pierre Rudloff
|
cf82f1cc8f
|
Add security policy
|
2022-02-19 20:47:53 +01:00 |
|
dependabot[bot]
|
fb78ecb410
|
Bump smarty/smarty from 3.1.39 to 3.1.43 (#383)
Bumps smarty/smarty from 3.1.39 to 3.1.43.
---
updated-dependencies:
- dependency-name: smarty/smarty
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-01-13 00:05:49 +01:00 |
|
Pierre Rudloff
|
eeda434b2f
|
Merge branch 'release-3.0.0'
|
2021-04-20 23:16:45 +02:00 |
|
Pierre Rudloff
|
b902c9027b
|
Upgrade youtube-dl to 2021.04.01 (fixes #349)
|
2021-04-02 21:05:50 +02:00 |
|
Advizormcpe1
|
be3f7d9a82
|
Updated japanese translation
|
2021-02-28 18:34:07 +01:00 |
|
Pierre Rudloff
|
97d6532388
|
Merge branch 'master' into develop
|
2021-02-26 22:53:09 +01:00 |
|
dependabot[bot]
|
6ab19b6d84
|
Bump smarty/smarty from 3.1.33 to 3.1.39 (#346)
Bumps smarty/smarty from 3.1.33 to 3.1.39.
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2021-02-26 22:48:17 +01:00 |
|
Pierre Rudloff
|
73e4fc1b13
|
Missing root_path service in tests
|
2021-02-22 21:16:29 +01:00 |
|
Pierre Rudloff
|
9688244285
|
Remove donation links
|
2021-02-22 21:12:23 +01:00 |
|
Pierre Rudloff
|
104a866188
|
Japanese translation
|
2021-02-22 21:10:58 +01:00 |
|
Pierre Rudloff
|
3cfd450258
|
Use a stable release of debugbar-smarty
|
2021-02-11 19:36:11 +01:00 |
|
Pierre Rudloff
|
1e17dff21e
|
Use the new root_path service to make some code more portable
|
2021-02-09 22:35:32 +01:00 |
|
Pierre Rudloff
|
f2be3a7e5b
|
Use relative paths on debug error page
|
2021-02-09 22:31:41 +01:00 |
|
Pierre Rudloff
|
9a27e7764a
|
Upgrade grumphp to 1.3
In order to use the new securitychecker_enlightn task
|
2021-02-07 13:40:02 +01:00 |
|
Pierre Rudloff
|
36ba147430
|
phpstan update
|
2021-02-07 12:42:03 +01:00 |
|
Pierre Rudloff
|
50fe879f16
|
Add route info to debug bar
|
2021-02-07 12:24:16 +01:00 |
|
Pierre Rudloff
|
9af922f3f1
|
Add Smarty collector to debug bar
|
2021-02-07 00:03:37 +01:00 |
|
Pierre Rudloff
|
bba5090ec3
|
We can't be sure of the class of the logger
|
2021-02-06 18:22:19 +01:00 |
|
Pierre Rudloff
|
5c0ed594f3
|
Debug bar
|
2021-02-06 15:35:09 +01:00 |
|
Pierre Rudloff
|
58f79c5012
|
Use enlightn/security-checker instead of sensiolabs/security-checker (fixes #342)
|
2021-02-02 21:26:26 +01:00 |
|
Pierre Rudloff
|
5d550a100d
|
Disable coverage in phpunit
It causes an error on Travis and it is not used anymore
|
2021-02-02 00:27:24 +01:00 |
|
Pierre Rudloff
|
077bb4762e
|
Merge branch 'master' into develop
|
2021-02-01 21:27:07 +01:00 |
|
prog-it
|
03d6a59b26
|
Russian translation (#341)
|
2021-02-01 21:26:23 +01:00 |
|
Pierre Rudloff
|
05311ac7b6
|
Add return types
|
2020-12-17 22:49:21 +01:00 |
|
Pierre Rudloff
|
f2785bca03
|
Clear Smarty compiled templates before controller tests
In order to avoid permission errors
|
2020-12-17 22:30:19 +01:00 |
|
Pierre Rudloff
|
9921b6210f
|
Merge tag '3.0.0-beta5' into develop
Composer 2 compatibility
Updated youtube-dl to 2020.11.12
Make sure locale is always set, even on first request
|
2020-12-17 20:07:44 +01:00 |
|
Pierre Rudloff
|
c9aa41d206
|
Merge branch 'release-3.0.0-beta5'
|
2020-12-17 20:06:09 +01:00 |
|
Éric Gaspar
|
a5bda1d35e
|
Fix small typos (#333)
* Fix small typos
- *Fix cap on YouTube, AllTube...*
* Fix YouTube cap
|
2020-12-05 15:00:46 +01:00 |
|
Pierre Rudloff
|
f2bef49ad6
|
fixup! Make sure locale is always set, even on first request
|
2020-11-21 14:38:37 +01:00 |
|
Pierre Rudloff
|
f184bda59b
|
Make sure locale is always set, even on first request
|
2020-11-21 14:20:01 +01:00 |
|
Pierre Rudloff
|
05959b17f0
|
Upgrade grumphp to 1.1
In order to improve output in CI
|
2020-11-16 23:31:18 +01:00 |
|
Pierre Rudloff
|
b5a585443a
|
fixup! The youtube-dl repository is back
|
2020-11-16 23:28:36 +01:00 |
|
Pierre Rudloff
|
81e42057f9
|
Upgrade composer-dangling-locked-deps to 0.2.1
To fix Composer 2 compatibility
|
2020-11-16 23:21:32 +01:00 |
|
Pierre Rudloff
|
a800a058fa
|
The youtube-dl repository is back
|
2020-11-16 20:48:03 +01:00 |
|
Pierre Rudloff
|
2d1d69a1f1
|
Refactor some Robo code
|
2020-11-16 20:45:49 +01:00 |
|
Tripp Sanders
|
bd2b72721f
|
Remove an extra S (#328)
* Remove an extra s
* Remove a few extra S’s
|
2020-11-08 19:53:42 +01:00 |
|
Pierre Rudloff
|
c844d3bf74
|
Merge tag '3.0.0-beta4' into develop
Fixed the CSP because it was breaking downloads on Chrome (#327)
Upgraded youtube-dl to 2020.11.01.1 (#326)
|
2020-11-04 23:08:02 +01:00 |
|
Pierre Rudloff
|
f6d3a72c31
|
Merge branch 'release/3.0.0-beta4'
|
2020-11-04 23:05:51 +01:00 |
|
Pierre Rudloff
|
c0b2acf33e
|
Don't restrict forms in CSP (#327)
|
2020-11-04 23:03:39 +01:00 |
|